Research and Development Engineer - Product Cybersecurity
Lincoln Electric - Euclid
Overview
Lincoln Electric is the world leader in the engineering, design, and manufacturing of advanced arc welding solutions, automated joining, assembly and cutting systems, plasma and oxy-fuel cutting equipment, and is at the forefront of brazing and soldering alloys. As the Welding Expert, we leverage materials science, software development, automation engineering, and application expertise to enhance our customers' fabrication capabilities and help them build a better world. Headquartered in Cleveland, Ohio, Lincoln Electric is a $4.2B publicly traded company (NASDAQ:LECO) with over 12,000 employees worldwide, operating in 71 manufacturing and automation system integration locations across 21 countries, and maintains a global network of distributors and sales offices serving customers in over 160 countries.
Location: Euclid - 22801
Employment Status: Salary Full-Time
Function: Engineering
Pay Range: ($88,600.00 - $146,200.00)
Target Bonus: %
Req ID: 27085
Lincoln Electric is looking for a passionate and skilled Product Cybersecurity Engineer to spearhead the design and implementation of a robust product security program within our R&D department. This is an exciting opportunity to make a significant impact on the cybersecurity posture of our innovative software-driven products, including embedded systems and cloud-connected platforms. We seek a candidate who can enhance R&D capabilities to identify and mitigate security risks, integrate security best practices throughout the Secure Software Development Lifecycle (SSDLC), standardize threat modeling and risk assessment practices, and collaborate effectively across functions with IT to address critical gaps identified in our product security assessments.
Key Responsibilities:
- Develop and implement a formal Product Security Program aligned with corporate SDLC and secure design standards.
- Collaborate with engineering, IT, and compliance teams to define security requirements across product lines.
- Create and maintain security policies, procedures, and technical standards for product development.
- Stay current with emerging security threats and update the program accordingly.
Threat Modeling and Secure Design:
- Lead and standardize threat modeling using methodologies like STRIDE and PASTA.
- Assist with security architecture reviews and design analysis for products.
- Standardize guidelines for documenting data flows, trust boundaries, and security controls.
Secure Development Lifecycle Integration:
- Implement secure tools and practices into CI/CD pipelines.
- Ensure secure coding practices are validated through peer reviews and automated testing.
- Support secure signing and credential management processes.
- Conduct security training for developers and provide guidance on secure coding practices.
Vulnerability and Risk Management:
- Manage vulnerability tracking and remediation workflows.
- Coordinate with Testing and DevOps to ensure timely patching and secure deployment.
- Participate in incident response planning and security investigations.
- Engage in security assessments, including penetration testing.
Customer and Compliance Enablement:
- Work with Product Management to establish security standards for product segments.
- Ensure compliance with relevant standards (e.g., NIST, CCPA, GDPR).
- Support audits and customer security inquiries.
- Interpret security threats and regulatory changes to improve strategy.
Basic Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, Electrical Engineering, or a related field.
- 8+ years of cybersecurity experience, with a focus on product or embedded system security.
- Experience in Agile/Scrum environments and familiarity with DevSecOps practices.
- Proficiency in threat modeling and vulnerability management.
- Hands-on experience with security tools (SAST/DAST, SBOM generators).
- Familiarity with secure coding in C/C++, Python, Java, and embedded systems languages.
- Understanding of secure boot and firmware signing.
- Experience with embedded Linux and real-time operating systems (RTOS).
- Strong knowledge of secure software development practices and common vulnerabilities.
- Familiarity with CI/CD pipelines and DevSecOps.
- Preferred certifications: CSSLP, CISSP, or equivalent.
- Strong communication skills and ability to lead initiatives.
Lincoln Electric is proud to be an Equal Opportunity Employer. We are committed to promoting equal employment opportunities for applicants, ensuring an inclusive work environment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected category.